Overview

overview

7

Static

static

3

X89vM9vMa.exe

windows7-x64

7

X89vM9vMa.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    48s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    17-05-2024 00:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    X89vM9vMa.exe

  • Size

    769KB

  • MD5

    91f3d54d71a0751d55fc066d7831f356

  • SHA1

    990c18b063c78cecfac1ae3d870058e5f1619613

  • SHA256

    5b459f91fab604c2630768e0423c7d0004aab701978154e1a1ce8d2460ab945f

  • SHA512

    e40818039bc0855b108d4e4cb703a399ccbdb86c1df577b81cb9e7a07fd588a18e31f3d805af01d3d8e37ecc4a87d819641408526b7ae12a13e981d351528551

  • SSDEEP

    24576:02L5Lk/HCPg8U/z8pzB8/M3GG+/4/pNLC:0K5QHClU7aEs

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\X89vM9vMa.exe
    "C:\Users\Admin\AppData\Local\Temp\X89vM9vMa.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2260 -s 620
      2⤵
        PID:2712
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2608

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • \Users\Admin\AppData\Local\Temp\bdfe1398330148c085d9bc6215bd335b\WebView2Loader.dll
        Filesize

        133KB

        MD5

        a0bd0d1a66e7c7f1d97aedecdafb933f

        SHA1

        dd109ac34beb8289030e4ec0a026297b793f64a3

        SHA256

        79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36

        SHA512

        2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50

        Download Submit

      • memory/2260-0-0x000007FEF5B33000-0x000007FEF5B34000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2260-1-0x00000000008F0000-0x00000000009B6000-memory.dmp

        Filesize

        792KB

        Download

      • memory/2260-6-0x000007FEF5B30000-0x000007FEF651C000-memory.dmp

        Filesize

        9.9MB

        Download

      • memory/2260-7-0x00000000005D0000-0x00000000005E6000-memory.dmp

        Filesize

        88KB

        Download

      • memory/2260-8-0x000007FEF5B30000-0x000007FEF651C000-memory.dmp

        Filesize

        9.9MB

        Download